I'm glad you guys are working on a standalone client. But, being a curious developer myself, I decided I'd like to try writing my own little script for decryption based on your description here, https://www.odrive.com/features/encryption, in the "What is the encryption process" section. That appeared to give basically all the detail necessary. However, a quick test reveals that something is missing. I encrypted a simple 893 byte text file and looked at the size difference between the encrypted file and the plain text file. They only have a 12 byte difference. If the stored file has the salt + IV + cipher text AND the plaintext had the SHA256 hash appended prior to encryption I would expect the file size to have grown by 96 bytes (32 bytes for each of the salt, hash, and IV) Since you're using CBC mode I guess the last block would have to be padded, but that would only be 3 bytes meaning the final file should actually be 99 bytes larger.
Anyway, what I'm wondering is if you left anything out of that description. E.g., is the plaintext compressed first? Or the plaintext + hash compressed?
Anyway, I'll play around with it more. Just curious though. Seems like a standalone app should be easy assuming it's basically just what you've described. Unless you've got your block chunking in there too...though I believe you already had example scripts for decoding that available in the forums.
PS: The only reason I'm even interested in doing this beyond curiosity is because I'm trying to script moving a bunch of my files from non-encrypted storage to encrypted storage. But, your CLI based linux app doesn't support encryption yet.